d38855cc8d889496f5a6b50876a45b9a7c2e9b0a63291bcc60f5d3e89c884023 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d38855cc8d889496f5a6b50876a45b9a7c2e9b0a63291bcc60f5d3e89c884023
Size

695KB
MD5

c62ff3518ca60bca72067aaa639d2d97
SHA1

e4da485ad0cf96c000456b5cfc637511d5f458b9
SHA256

d38855cc8d889496f5a6b50876a45b9a7c2e9b0a63291bcc60f5d3e89c884023
SHA512

4fea90d040930e97bc40b0d02629f4ba4f18a872c1910dd26dcdcdc661aa31faea0b9c72cd7836f7de1e89e9a540bf066c7afe09ed5f993b4b41219b6881ade2
SSDEEP

12288:TbsnYG+dapMuHx0P/GlusM+0IUotkvXvPpoO+7SwRVWFSZ0L20cvj:TbJhGHxCMuM0ikvUCzy0cvj

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

d38855cc8d889496f5a6b50876a45b9a7c2e9b0a63291bcc60f5d3e89c884023
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 996KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 685KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 836KB - Virtual size: 834KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 360KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ